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Alerting Abstract WO A2 

NOVELTY - The method involves receiving a second message in a receiver together with the 
instance of the service. The second message includes a key derivation value that is used with a 
long-term key to obtain the short-term key to decrypt the instance of the service. 
DESCRIPTION - A control word is combined into an encrypted coded message (ECM) (107) with 
other service-related information. The ECM (107) is authenticated by Control Word Encrypt & 
Message Authenticate function (204) which produces a message authentication code using a keyed- 
hash value derived from the message content combined with a secret which can be shared with the 
receiving set-top box (1 13). This secret is preferably part or all of a multisession key (MSS) (208). 
The message authentication code is appended to the rest of the ECM (107). The CAW (202) is 
always encrypted before being sent along with the other parts of the ECM to MX (200). This 
encryption is preferably a symmetric cipher such as the Triple-DES algorithm using two distinct 
56-bit keys (which taken together comprise MSS (208). 

USE - The invention concerns systems for protecting information and more particularly concerns 
systems for protecting information that is transmitted by a wired or wireless medium against 
unauthorized access. 

ADVANTAGE - The service distribution organizations require access restrictions which are both 
more secure and more flexible than those in conventional systems 

DESCRIPTION OF DRAWINGS - The drawing is a block diagram of service instance encryption 
techniques. 
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A cable television system provides conditional access to services. The cable television system 
includes a headend from which service "instances' 1 , or programs, are broadcast and a plurality of set 
top units for receiving the instances and selectively decrypting the instances for display to system 
subscribers. The service instances are encrypted using public and/or private keys provided by 
service providers or central authorization agents. Keys used by the set tops for selective decryption 
may also be public or private in nature, and such keys may be reassigned at different times to 
provide a cable television system in which piracy concerns are minimized. 
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Language: EN 

Application: EP 1998960147 A 19980731 (Local application) 
WO 1998US 16079 A 19980731 (PCT Application) 
Priority: US 199754575 P 19970801 
US 1998126921 A 19980731 

Related Publication: WO 1999009743 A (Based on OPI patent ) 
Designated States: (Regional Original) DE FR GB IT NL 
Original IPC: H04N-7/167(A) 

Current IPC: H04H-1/00(R,I,M,JP J 20060101,20051220,A,L) H04H-1/00 
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Claim: 

1. Verfahren der Entschlusselung einer Diensteeinheit (325), die mit einem gegebenen 

Kurzzeitschlussel (319) verschlusselt wurde, wobei das Verfahren in einem Empfanger (333) 
ausgefuhrt wird, der ein Offentlich/Privat-Schlusselpaar besitzt, und das Verfahren durch die 
folgenden Schritte gekennzeichnet ist: 

o im Empfanger eine erste Nachricht (3 1 5) zu empfangen, deren Inhalt einen ersten 
Langzeitschlussel (309) einschliesst und unter Verwendung des offentlichen Schlussels 
(312) fur den Empfanger (333) verschlusselt wurde; 
o den privaten Schlussel (337) zur Entschlusselung des Inhalts zu verwenden; 
o den ersten Schlussel (309) zu speichern; 

o im Empfanger (333) zusammen mit der verschlusselten Diensteeinheit (329) eine 
zweite Nachricht (323) zu empfangen, wobei die zweite Nachricht (323) einen 
Indikator fur einen zweiten Kurzzeitschlussel (3 1 9) einschliesst; 

o den Indikator und den ersten Schlussel (309) zu benutzen, um den zweiten Schlussel zu 
erhalten; worin der zweite Schlussel dem gegebenen Schlussel (3 19), mit dem der 
Dienst verschlusselt wurde, gleichwertig ist, und 

o den zweiten Schlussel zur Entschlusselung der empfangenen Diensteeinheit zu 
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verwenden. 



1 . A method of decrypting an instance of a service (325) that has been encrypted with a given 
short-term key (319), the method being carried out in a receiver (333) that has a public key- 
private key pair and the method being characterised by the following steps: 

o receiving a first message (3 15) in the receiver whose contents include a first long-term 
key (309), the contents having been encrypted using the public key (312) for the 
receiver (333); 
o using the private key (337) to decrypt the contents; 
o storing the first key (309); 

o receiving a second message (323) in the receiver (333) together with the encrypted 
instance of the service (329), the second message (323) including an indicator for a 
second short-term key (319); 

o using the indicator an the first key (309) to obtain the second key; wherein the second 
key is equivalent to the given key (319) that encrypted the service, and 

o using the second key to decrypt the received instance of the service. 



1 . Procede de decryptage d'une instance d'un service (326) qui etait cryptee avec une cle a court 
terme donnee (319), le procede etant execute dans un recepteur (333) qui comporte une paire 
de cle publique-cle privee et le procede etant caracterise par les etapes suivantes: 

o recevoir un premier message (3 1 5) dans le recepteur dont le contenu comprend une 
premiere cle a long terme (309), le contenu ayant ete crypte en utilisant la cle publique 
(3 1 2) pour le recepteur (333), 
o utiliser la cle privee (337) pour decrypter le contenu, 
o memoriser la premiere cle (309), 

o recevoir un second message (323) dans le recepteur (333) en meme temps que 

Tinstance cryptee du service (329), le second message (323) comprenant un indicateur 
pour une seconde cle a court terme (319), 
o utiliser Tindicateur et la premiere cle (309) pour obtenir la seconde cle, dans lequel 
o la seconde cle est equivalente a la cle donnee (319) qui a crypte le service, et 
o utiliser la seconde cle pour decrypter Tinstance recue du service. 



Japan 

Publication No. JP 2003521820 W (Update 200347 E) 
Publication Date: 20030715 
Language: J A (136 pages) 

Application: WO 1998US 16079 A 19980731 (PCT Application) 
JP 2000510276 A 19980731 (Local application) 
Priority: US 199754575 P 19970801 
US 1998126921 A 19980731 

Related Publication: WO 1999009743 A (Based on OPI patent ) 



http://www.dialogclassic.com/mainframe.html 



1/16/2008 



Page 9 of 10 



Original IPC: H04L-9/08(A) H04H-1/00(B) H04N-7/1 67(B) H04N-7/173(B) 
Current IPC: H04L-9/08(A) H04H-1/00(B) H04N-7/167(B) H04N-7/173(B) 

PubUcation No. JP 2005253 1 09 A (Update 200560 E) 

Publication Date: 200509 1 5 

CONDITIONAL ACCESS SYSTEM 

Assignee: SCIENTIFIC-ATLANTA INC (SCAT) 

Inventor: AKINS GLENDON L III 

PALGON MICHAELS 

PINDER HOWARD G 

WASILEWSKI ANTHONY J 

Language: JA (59 pages) 

Application: JP 2000510276 A 19980731 (Division of application) 
JP 2005120425 A 20050418 (Local application) 
Priority: US 199754575 P 19970801 
US 1998126921 A 19980731 
Original IPC: H04L-9/08(A) 

Current IPC: H04H-1/00(R,I,M,JP,20060 101 ,20051 220 AL) H04H-1/00 
(R,I,M,JP,20060101,20051220,C,L) H04L-9/08(RI,M,JP,20060101,20051220,A,L) H04L-9/08 
(R,I,M,JP,20060101,20060310,C J F)H04N-5/00(R,I,M,EP,20060101 9 20051008,A)H04N-5/00 
(R,I,M,EP,200601 01 ,2005 1 008,C) H04N-7/1 6(R,I,M,EP,200601 0 1 ,2005 1 008,A) H04N-7/1 6 
(R,I,M,EP,20060101 ,2005 1008,C) H04N-7/1 67(R,I,M,EP,20060 101 ,2005 1 008,A) H04N-7/1 67 
(R,I,M,EP,20060101,20051008,C) H04N-7/1 73(R,I,M, JP,20060 1 0 1 ,2005 1 220,A,F) H04N-7/173 
(R,I,M,JP,20060 1 01 ,2005 1 220,C,L) 

WIPO 

PubUcation No. WO 1999009743 A2 (Update 199915 B) 
Publication Date: 19990225 
CONDITIONAL ACCESS SYSTEM 
RESEAU D'ACCES CONDITIONNEL 

Assignee: SCIENTIFIC-ATLANTA, INC., Intellectual Property Dept., One Technology Parkway 

South, Norcross, GA 30092, US Residence: US Nationality: US (SCAT) 

Inventor: AKINS, Glendon, L., Ill, 2510 Windward Lane N.E., Gainesville, GA 30501, US 

PALGON, Michael, S., 1 196 Poplar Grove Drive, Atlanta, GA 30306, US 

PINDER, Howard, G, 4317 Stilson Circle, Norcross, GA 30092, US 

WASILEWSKJ, Anthony, J., 10680 Wren Ridge Road, Alpharetta, GA 30022, US 

Agent: GARDNER, Kelly, A., Scientific- Atlantic, Inc., Intellectual Property Dept., One 

Technology Parkway South, Norcross, GA 30092, US 

Language: EN (1 13 pages, 29 drawings) 

Application: WO 1998US16079 A 19980731 (Local application) 
Priority: US 199754575 P 19970801 
US 1998126921 A 19980731 

Designated States: (National Original) AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ 
DE DK EE ES FI GB GE GH GM HR HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU 
LVMDMGMKMN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG 
UZ VN YU ZW 

(Regional Original) AT BE CH CY DE DK EA ES FI FR GB GH GM GR IE IT KE LS LU MC 
MW NL OA PT SD SE SZ UG ZW 
Original IPC: H04N-7/1 67(A) 

Current IPC: H04H-1/00(R,I,M,JP,20060 10 1,20051 220, A,L) H04H-1/00 



http://www.dialogclassic.com/mainn-ame.html 



1/16/2008 



Page 10 of 10 



(RJ,M,JP,20060101,20051220,C,L) H04L-9/08(R,I 3 M,JP,20060101 5 20051220 5 A 3 L) H04L-9/08 
(R,I,M,JP,20060101 ,200603 10,C,F) H04N-5/00(R,I,HEP,200601 01,20051008^) H04N-5/00 
(R,I,M,EP,20060 1 01 ,2005 1 008,C) H04N-7/1 6(R,I,M,EP,20060 1 0 1 ,2005 1 008,A) H04N-7/1 6 
(R,I,M,EP,200601 01 ,2005 1008,C) H04N-7/167(R 3 I,M,EP,200601 01 ,20051008,A) H04N-7/167 
(R,I,M,EP,20060101,20051008,C) H04N-7/173(R,I,M,JP,20060 10 1,2005 1220, A,F) H04N-7/173 
(R,I,M,JP,20060101,20051220 3 C,L) 
Original Abstract: 

A cable television system provides conditional access to services. The cable television system 
includes a headend from which service "instances", or programs, are broadcast and a plurality of set 
top units for receiving the instances and selectively decrypting the instances for display to system 
subscribers- The service instances are encrypted using public and/or private keys provided by 
service providers or central authorization agents. Keys used by the set tops for selective decryption 
may also be public or private in nature, and such keys may be reassigned at different times to 
provide a cable television system in which piracy concerns are minimized. 

Un reseau de television par cable assure un acces conditionnel a des services. Le reseau de 
television par cable comprend une tete de reseau a partir de laquelle on diffuse les "instances" de 
service ou programmes. Ce reseau comprend aussi une pluralite d'unites decodeurs concues pour 
recevoir les instances et dechiffrer selectivement les instances qui vont s'afficher pour les abonnes 
du reseau. Les instances de service sont chiffrees par des cles publiques et/ou privees fournies par 
des fournisseurs de service ou des agents d'autorisation centraux.Les cles utilisees par les decodeurs 
permettant un dechiffrement selectif peuvent aussi etre publiques ou privees et de telles cles 
peuvent etre reaffectees a differents moments pour assurer un reseau de television par cable dans 
lequel les risques de piratage sont minimises. 
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